Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-14500 |
|
Path Traversal in wordpress (CVE-2026-14500)
path traversal in wordpress (CVE-2026-14500). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14487 |
|
Path Traversal in wordpress (CVE-2026-14487)
path traversal in wordpress (CVE-2026-14487). Data can be tampered with by attackers.
|
| CVE-2026-14244 |
|
Path Traversal in wordpress (CVE-2026-14244)
path traversal in wordpress (CVE-2026-14244). Confidential information can be exposed externally.
|
| CVE-2026-9725 |
|
Path Traversal in wordpress (CVE-2026-9725)
path traversal in wordpress (CVE-2026-9725). Data can be tampered with by attackers.
|
| CVE-2026-14352 |
|
Path Traversal in wordpress (CVE-2026-14352)
path traversal in wordpress (CVE-2026-14352). Confidential information can be exposed externally. Exploitable via `Referer header`.
|
| CVE-2026-14327 |
|
Path Traversal in wordpress (CVE-2026-14327)
path traversal in wordpress (CVE-2026-14327). Confidential information can be exposed externally.
|
| CVE-2026-7311 |
|
Path Traversal in wordpress (CVE-2026-7311)
path traversal in wordpress (CVE-2026-7311). Data can be tampered with by attackers.
|
| CVE-2026-9145 |
|
Path Traversal in wordpress (CVE-2026-9145)
path traversal in wordpress (CVE-2026-9145). Confidential information can be exposed externally.
|
| CVE-2026-13369 |
|
Path Traversal in wordpress (CVE-2026-13369)
path traversal in wordpress (CVE-2026-13369). Confidential information can be exposed externally.
|
| CVE-2026-13251 |
|
Path Traversal in wordpress (CVE-2026-13251)
path traversal in wordpress (CVE-2026-13251). Confidential information can be exposed externally.
|
| CVE-2026-11367 |
|
Path Traversal in wordpress (CVE-2026-11367)
path traversal in wordpress (CVE-2026-11367). Confidential information can be exposed externally.
|
| CVE-2026-11911 |
|
Path Traversal in wordpress (CVE-2026-11911)
path traversal in wordpress (CVE-2026-11911). Confidential information can be exposed externally.
|
| CVE-2026-9843 |
|
Path Traversal in wordpress (CVE-2026-9843)
path traversal in wordpress (CVE-2026-9843). Data can be tampered with by attackers.
|
| CVE-2026-7547 |
|
Path Traversal in wordpress (CVE-2026-7547)
path traversal in wordpress (CVE-2026-7547). Confidential information can be exposed externally.
|
| CVE-2026-8713 |
|
Path Traversal in wordpress (CVE-2026-8713)
path traversal in wordpress (CVE-2026-8713). Data can be tampered with by attackers.
|
| CVE-2025-69131 |
|
Path Traversal in wordpress (CVE-2025-69131)
path traversal in wordpress (CVE-2025-69131). Confidential information can be exposed externally.
|
| CVE-2025-60223 |
|
Subscriber Arbitrary File Deletion in WPBot Pro Wordpress Chatbot <= 13.6.5 versions.
Subscriber Arbitrary File Deletion in WPBot Pro Wordpress Chatbot <= 13.6.5 versions.
|
| CVE-2026-8442 |
|
Path Traversal in wordpress (CVE-2026-8442)
path traversal in wordpress (CVE-2026-8442). Data can be tampered with by attackers.
|
| CVE-2026-39468 |
|
Path Traversal in wordpress (CVE-2026-39468)
path traversal in wordpress (CVE-2026-39468). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-20081 |
|
Path Traversal in wordpress (CVE-2016-20081)
path traversal in wordpress (CVE-2016-20081). Confidential information can be exposed externally.
|
| CVE-2016-20076 |
|
Path Traversal in wordpress (CVE-2016-20076)
path traversal in wordpress (CVE-2016-20076). Confidential information can be exposed externally.
|
| CVE-2026-9062 |
|
Path Traversal in wordpress (CVE-2026-9062)
path traversal in wordpress (CVE-2026-9062). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12089 |
|
Path Traversal in wordpress (CVE-2026-12089)
path traversal in wordpress (CVE-2026-12089). Confidential information can be exposed externally.
|
| CVE-2017-20250 |
|
Path Traversal in wordpress (CVE-2017-20250)
path traversal in wordpress (CVE-2017-20250). Confidential information can be exposed externally.
|
| CVE-2022-50953 |
|
Path Traversal in wordpress (CVE-2022-50953)
path traversal in wordpress (CVE-2022-50953). Confidential information can be exposed externally.
|
| CVE-2026-9197 |
|
Path Traversal in wordpress (CVE-2026-9197)
path traversal in wordpress (CVE-2026-9197). Confidential information can be exposed externally.
|
| CVE-2026-7565 |
|
Path Traversal in wordpress (CVE-2026-7565)
path traversal in wordpress (CVE-2026-7565). Confidential information can be exposed externally.
|
| CVE-2026-2500 |
|
Path Traversal in csharp (CVE-2026-2500)
path traversal in csharp (CVE-2026-2500). Confidential information can be exposed externally. Exploitable via ``filename``.
|
| CVE-2026-9290 |
|
Path Traversal in wordpress (CVE-2026-9290)
path traversal in wordpress (CVE-2026-9290). Confidential information can be exposed externally.
|
| CVE-2019-25727 |
|
Path Traversal in wordpress (CVE-2019-25727)
path traversal in wordpress (CVE-2019-25727). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42737 |
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
|
| CVE-2026-40383 |
|
Joomla! Core - [20260509] - LFI in HTMLView layout parameter
Joomla! Core - [20260509] - LFI in HTMLView layout parameter
|
| CVE-2026-40384 |
|
Path Traversal in joomla (CVE-2026-40384)
path traversal in joomla (CVE-2026-40384). Confidential information can be exposed externally. Mitigation: upgrade to `5.4.6, 6.1.1` or later.
|
| CVE-2026-6381 |
|
Path Traversal in wordpress (CVE-2026-6381)
path traversal in wordpress (CVE-2026-6381). Successful exploitation can lead to full system takeover.
|
| CVE-2018-25326 |
|
Path Traversal in wordpress (CVE-2018-25326)
path traversal in wordpress (CVE-2018-25326). Confidential information can be exposed externally.
|
| CVE-2018-25325 |
|
Path Traversal in wordpress (CVE-2018-25325)
path traversal in wordpress (CVE-2018-25325). Confidential information can be exposed externally.
|
| CVE-2021-47979 |
|
Path Traversal in c (CVE-2021-47979)
path traversal in c (CVE-2021-47979). Successful exploitation can lead to full system takeover.
|
| CVE-2021-47977 |
|
Path Traversal in wordpress (CVE-2021-47977)
path traversal in wordpress (CVE-2021-47977). Confidential information can be exposed externally.
|
| CVE-2026-6403 |
|
Path Traversal in wordpress (CVE-2026-6403)
path traversal in wordpress (CVE-2026-6403). Confidential information can be exposed externally.
|
| CVE-2026-27886 |
|
Path Traversal in @strapi/strapi (CVE-2026-27886)
path traversal in @strapi/strapi (CVE-2026-27886). Confidential information can be exposed externally. Exploitable via `POST /admin/reset-password`. Mitigation: upgrade to `5.37.0` or later.
|
| CVE-2026-6670 |
|
Path Traversal in wordpress (CVE-2026-6670)
path traversal in wordpress (CVE-2026-6670). Confidential information can be exposed externally.
|
| CVE-2026-34653 |
|
Path Traversal in path-traversal (CVE-2026-34653)
path traversal in path-traversal (CVE-2026-34653). Confidential information can be exposed externally.
|
| CVE-2022-50956 |
|
Path Traversal in wordpress (CVE-2022-50956)
path traversal in wordpress (CVE-2022-50956). Confidential information can be exposed externally.
|
| CVE-2020-11738 KEV |
|
[KEV] Path Traversal in Wordpress snap-creek-duplicator-plugin (CVE-2020-11738)
path traversal in Wordpress snap-creek-duplicator-plugin (CVE-2020-11738). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2015-7669 |
|
Path Traversal in wordpress (CVE-2015-7669)
path traversal in wordpress (CVE-2015-7669). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17058 |
|
Path Traversal in wordpress (CVE-2017-17058)
path traversal in wordpress (CVE-2017-17058). Confidential information can be exposed externally.
|
| CVE-2017-15079 |
|
Path Traversal in wordpress (CVE-2017-15079)
path traversal in wordpress (CVE-2017-15079). Confidential information can be exposed externally.
|
| CVE-2017-14722 |
|
Path Traversal in wordpress (CVE-2017-14722)
path traversal in wordpress (CVE-2017-14722). Confidential information can be exposed externally.
|
| CVE-2017-14719 |
|
Path Traversal in wordpress (CVE-2017-14719)
path traversal in wordpress (CVE-2017-14719). Confidential information can be exposed externally.
|
| CVE-2017-11658 |
|
Path Traversal in wordpress (CVE-2017-11658)
path traversal in wordpress (CVE-2017-11658). Confidential information can be exposed externally.
|